Gaining OnSite Access

Table of Contents

Conducting On-site Access.............................................................................................................. 3

Overview ......................................................................................................................................... 4

Gaining On-site Access .................................................................................................................... 5

Warning!!! ....................................................................................................................................... 6

Gaining On-Site Access -1 ............................................................................................................... 8

Gaining On-Site Access -2 ............................................................................................................... 9

Your Backstory .............................................................................................................................. 10

Props -1 ......................................................................................................................................... 13

Props -2 ......................................................................................................................................... 15

Exercise ......................................................................................................................................... 17

Exploiting On-Site Access .............................................................................................................. 20

Exploiting On-Site Access -1 .......................................................................................................... 21

Exploiting On-Site Access -2 .......................................................................................................... 23

Exploiting On-Site Access -3 .......................................................................................................... 25

On-Site Access Tactics -1............................................................................................................... 26

On-Site Access Tactics -2............................................................................................................... 28

On-Site Access Tactics -3............................................................................................................... 29

On-Site Access Tactics -4............................................................................................................... 31

On-Site Access Tactics -5............................................................................................................... 32

On-Site Access Tactics -6............................................................................................................... 33

Dangers of On-Site Access ............................................................................................................ 35

Page 1 of 37
Summary ....................................................................................................................................... 36

Notices .......................................................................................................................................... 37

Page 2 of 37
Conducting On-site Access

Conducting On-site
Access

© 2012 Carnegie Mellon University

**001 Mike Warren: All right.

Page 3 of 37
Overview

Overview
Gaining On-site Access
Exploiting On-site Access

**002 Sometimes you can't get your

access from remotely; so you have to
move onsite.

Page 4 of 37
Gaining On-site Access

Gaining On-site Access

**003 We do have a Warning Statement.

Page 5 of 37
Warning!!!

Warning!!!
Never execute a physical penetration test unless
• You have the proper authorization from the proper authority

• You have physical proof of the authorization

— Signed letter from the authorizing official…in your shoe
• You have a de-escalation plan in the event the target’s security
measures work

**004 All right. Never execute a physical

penetration test unless you have authority
to do it, from the right person. We talked
about this in penetration testing. Never
do network penetration testing without the
proper authority. Never move physically
against the target unless you have the
proper authority. Right?

Make sure you have proof of that

authority. Make sure you have a letter.
Sometimes you put it your shoe;
sometimes you put it in your back pocket,
depending on your RoE. But never-
never go without proof of authorization.

Page 6 of 37
Does anybody have questions about
that? Yes. Don't use what we're about to
teach you for bad, malicious things. All
right.

And always make sure you have a de-

escalation plan. Okay? If you're going
against a target that doesn't know you're
supposed to be there, and you're hiding in
a broom closet and somebody opens the
broom closet, you will scare them. They
will run for the closest person bigger than
you.

Make sure you have a de-escalation plan:

You have somebody's phone number;
you have all of their phone numbers;
they're out in the parking lot waiting for
you. Just make sure you can get ahold of
the person that can say, "All right, let's
knock this off, and it was a just a test; you
win." All right.

Page 7 of 37
Gaining On-Site Access -1

Gaining On-Site Access -1

This is “Advanced Penetration Testing” –

WHY are we talking about On-Site Access?
Simple – when you can not get in remotely – walk in the
front door (or the back door, or the window, or through the
ventilation system)
• Systems directly connected to the network bypass the security
zone – thus you become an “insider”.
• Sometimes – this is MUCH easier than all that phishing, trojans,
social engineering, and direct exploit stuff.

And who does insider threat detection?

**005 So de-escalation process.

Great. So why are we talking about
physical penetration testing on an
advanced penetration test? Well you're
not always going to get in from remotely.
Right? Sometimes you need to get in
onsite to get the access you need. You
just need to make sure it's within the
scope of your assessment. Right?

So for the rest of this we're going to say

the scope of the assessment was to test
externally can you get in; and once you
get in physically what can you get to? So
now you're trying to test the physical
controls that are protecting the IT
systems, such as the locks, the card
access. Do you have a clean desk

Page 8 of 37
policy? Do you have a lock your
workstation before you walk away, leave
it unattended? You're testing those
controls. So it is within scope of an IT
penetration test?

Gaining On-Site Access -2

Gaining On-Site Access -2

Unless you are moving against an entity with zero people on-
site, then you will have to rely upon social engineering to
gain access.
Social Engineering - the art of manipulating people into
performing actions or divulging confidential information1.
Your social engineering attack will rely upon “pretexting” or the
development of a false “backstory” that will lend credibility to
your need for access.

1. Goodchild, Joan (11 January 2010). "Social Engineering: The Basics". csoonline. Retrieved 14 January 2010.

**006 All right. Unless you go to a

building that has no one in it, you're
probably going to have to talk to
somebody. I know for IT people that's
sometimes hard. I'll admit that for myself.

But yes, so we're going to have to employ

social engineering. Right? We tried the
social engineering of calling somebody
up, getting their password, having them
click a link for us. Now we're actually
having to go face to face to get past a

Page 9 of 37
guard, to get on to somebody's computer,
to install UPS underneath their desk. All
right? We're going to have to talk to
people and use our social engineering skills.

Before you move against a target, you

should always have a backstory-- why are
you there?-- or a pretexting. And that can
come in different methods; and we'll go
through those. But you have to have
a backstory.

Your Backstory

Your Backstory
Develop a story that gives you a reason to be there and lets
you do what you need to do
• “I’m performing a computer inventory”
• “I need to manually push some patches to “this problem machine”
• “You’re getting a new keyboard, can I install it for you..” (e.g., your
key logger)
• “I’ve been contracted to perform a wireless assessment of this
facility”
Do not over-engineer your story, but try to make it two levels
deep
• “…who’s your boss?”
• “…what do you mean we are getting new
telephones?”
• “…your not on my list?”

**007 So what could your backstory be? Say

you had to go against a data center. I
need you all to start thinking about this;
because two of you are going to
volunteer. One's going to play the guard
and one's going to play the penetration tester.

Page 10 of 37
So what can your story be? Why would
you need to gain access to the IT systems
here in the building? What would be a
good story?

Student: Work order.

Mike Warren: Work order; right, that's a

good one. Anybody? Nobody wants to
play.

Student: Circuit down.

Mike Warren: What?

Student: Circuit down.

Mike Warren: Circuits down. Right.

I've done: I'm here to count telephones.

There was a six-storey building two
footballs fields long. I had a clipboard.
And I actually had made a whole Excel
spreadsheet so I could take the serial
number. But after like the 30th one I was
like: I'm just going to go to tick marks. So
I walked around and just-- I mean, I was
in between desks, in between cubes, just
counting. Nobody- nobody confronted me.

I went to a secure area that had a door-

had to have a badge swipe and a
doorbell. And I was like, "Okay." So I
rang the doorbell. They let me in; didn't
ask who I was.

The manager finally came up to me and

said, "What are you doing?" I'm, "Oh I'm
auditing the telephones; I'm here to count
phones." "Oh let me take you around."
And she pointed phones out. And I was
like, "Oh you've been the most helpful
person today. What's your name?"

Page 11 of 37
So your backstory. Make sure you have a
backstory; why are you there? And make
sure it goes-- it doesn't have to be over-
engineered, it just has to be able to
withstand a "Well why are you here?
Who authorized you to be here? Who's
your point of contact?" kind of stuff.
Right? "So who's your boss?" "Well I'm a
new employee." "Well who's your boss?"
"I don't remember his name. I've only met
him twice." Right?

You just have to be on the fly and be able

to come up with the right answer.

Page 12 of 37
Props -1

Props -1
Can add credibility to your story
• Organization Polo Shirt
— Check the local Thrift Stores.

• The “clipboard”
— No one asks questions from a person with a clipboard.

• Test Equipment
— If you say you are there to fix
the phone, you better have the
right equipment for the part.

**008 Props. This is probably the best

backstory.

We have one colleague, he loves to go to

a thrift store next to the entity/
organization/company he's going to move
against. And he always somehow finds a
T-shirt or a polo with that company's logo
on it. He'll put it on, walk up with his fake
badge; nobody really asks him any
questions.

So the clipboard. I like the clipboard on

the right with the compartment. Why do I
like the compartment? What do you put
in there?

Student: Thumb drive.

Page 13 of 37
Mike Warren: Yes your USB sticks, your
drop disks; anything you're going to use
while you're there. Extra forms in case
you run out of space to count your
telephones. Right.

If you say you're there to fix the

telephones, what should you have on
you?

Student: Tools.

Mike Warren: Test equipment; yes. Don't

say you're here to fix the telephone with
your pin; unless you're a chief warrant
office who can do that.

Student: Yes.

Page 14 of 37
Props -2

Props -2
The Fake Badge
• Obtain a copy or picture of a badge
• Recon what a badge looks like
• Open source research (you might get lucky)
• Capture all the detail you can
— Font and Font Size
— Images/Watermarks
— Colors
— Numbers
— Roles

+ +
0938475-093

CONTRACTOR

Your Name
=
9

**009 Mike Warren: Aw the fake badge. I love this.

All right, who's got their hotel key? All

right, you take one of these. It has a nice
strip on the back; so it looks like you have
to swipe it. You go get to a Office Depot
and you buy the little paper labels; usually
you can have a Microsoft Word template,
and you make yourself a fake badge.
This is pretty close to the one I used. I
took the company name off.

So you take one of these. And here to

there, you have to cut out the little place
for the dongle. Then you go get one of
the little plastic cover sleeves. So now
the paper label doesn't look so bad.
Right? So now when you're just flashing it.

Page 15 of 37
I had to go against this one credit union.
The guard was eight times my size; but
luckily he was 30 feet away. I was
walking in with everybody else and I hear
this, "Hey you, where's your badge?" So I
lifted it up, flashed it from 40 feet. He was
like, "Thanks." All right, you got me. So.

All right, things to look at is the color of

the-- if your trusted agent gives you an
image of the badge-- which sometimes
they do-- you need to check color, the
colors they used. Make sure you don't
make a yellow contractor badge if
contractors are green. Your name;
identifying marks; if there's funny
numbers in certain spots; different little
images. Try to make it as close as you
can. Yes. And then just try it. It doesn't
always have to be perfect to get past.

Page 16 of 37
Exercise

Exercise
How would you get past the guard…if there was one?

10

**010 All right, so just a real quick

exercise. Say you walked in- you walked
in the front door, because you're
supposed to go against a data center,
and this is what you're confronted with: a
guard with a window and a door you have
to get past. I want you all to come up with
a story that you're going to tell the guard
to get past.

Who wants to be the- who wants to be the

guard? We've got- we've got somebody
pointing in the back. We've got-- Robert
is going to be the guard and Richard's
going to be the pen tester. You're voted
most likely to succeed.

Page 17 of 37
Oh back. I guess it's gone
back the other way.
Mike Warren: All right, I need my guard
and my pen tester.

Now remember, you just walked into a

tiny hallway. You have no way to leave.
They've already seen you. And you have
to get past the other door.

Student: He's got- he's got a prop.

Mike Warren: Well no you're the guard.

Student: Yes he's got.

Mike Warren: Would you like some

coffee?

Student: Donuts?

Mike Warren: Here we go; live action

right here.

Student: Hey young one, you got a

badge?

Student: I've got one in here somewhere.

I don't know.

Mike Warren: Don't worry about the glass

that's in between you two.

Student: Yes.

Student: He's good.

Student: Badges; we don't need no

stinking badges.

Mike Warren: Here's your pretend badge.

Student: Hey give me a pretend badge.

Page 18 of 37
Mike Warren: There you go.

Student: Oh that, here it is.

Student: Hum, all right.

Student: You're a badge?

Mike Warren: All right, you're a data

center.

Student: I'll fix that.

Mike Warren: You're going to let a guy

come in with a badge and a sign in?

Student: I'm going to sign in here.

Mike Warren: Where's your 853 control?

Student: I didn't for that.

Mike Warren: All right. That wasn't a-- I

think I'll give an F on that effort. That
was- that was terrible on the guard's part.
You just got-- don't quit your day job.

Student: I'm sure I can go to McDonald's

and make more.

Mike Warren: Yes. So this is probably

the hardest one to get past is a security
guard looking at you when you just
walked in the front door. Because you
didn't know it was like that. Right? That's
why you like to scope out; that's why you
want the camera, the IP-based camera,
so you can-- "Hey wait, I don't want to go
in that door, there's nowhere to run."
Right?

Page 19 of 37
Exploiting On-Site Access

Exploiting On-Site
Access

11

**011 So thanks for that.

Page 20 of 37
Exploiting On-Site Access -1

Exploiting On-Site Access -1

You just got past the guard, your adrenaline is pumping, it
might be time to compose yourself!
Find areas you can fall back to during the assessment that are
less threating
• Restroom
• Break areas
• Copy/Print rooms

Once composed, scope out the immediate area and find

stairwells, elevators, signage, operational structure, etc.

12

**012 Student: Ouch.

Mike Warren: All right, you just got past

the guard because the guard was inept.

Student: The guard was angry about the

referees.

Student: Yes.

Mike Warren: Oh all right, the referees.

All right you got in. Your adrenalin's

pumping because you just, you know,
talked your way through. Best thing to do:
Find a place to cool down. All right?
Usually if you go into the restroom

Page 21 of 37
nobody's going to talk to you anyways.
It's a good spot. The break area. You
know, an open public area.

And before we talk about getting in, what

are good places- good areas to exploit to
get in? If you have to go against the front
door, well you're not going to-- probably
you have to talk your way in. If it's just a
door, no guard, you know you can do the
whole: I'm carrying a box; or I forgot my
badge inside. Right? I'm the new person,
let me in.

How about smoke pits?

Student: Yes.

Mike Warren: Yes.

Student: The best.

Mike Warren: Best, the best; unless

there's eight cameras looking down at the
entrance. What did you say?

Student: Just go stand there and smoke

and pretend like you belong.

Mike Warren: Right. So props; make

sure you bring cigarettes. Right?
Everybody likes to bum a cigarette. They
bum one off you, maybe you can go in the
door like, "Hey I forgot my badge, again.
Sorry."

So now you're bypassing the front- the

guard at the front and you're going
through the smoke pit.

Page 22 of 37
Exploiting On-Site Access -2

Exploiting On-Site Access -2

What do you do now that you are in?
Reassess the objectives of your assessment.
A wonderful, diverse, array of activities are now at your
disposal
• Exploit and enumerate unlocked/unattended workstations.
• Pick up print jobs left next to printers.
• Dumpster diving / File cabinet surfing
• Direct social engineering.
• Obtain direct network access, hope you brought your netbook or
rogue access point.

13

**013 All right, once you get in and you've

calmed down, you need to say, "All right
why am I here?" What do I need to go
after? Am I after open computers? Am I
trying to get into the document vault so I
can take pictures of mortgages and
loans? What am I there to do?

So remember what you're doing. You're

there most likely to do-- open desk
policies; is there a lot of papers you can
get to with personal information or
corporate proprietary information?

Are there workstations that you need to

get on to?

Page 23 of 37
Is there anything in the trash? Do they
have 100% shred policy? If they do,
you're there to test to make sure anything
in the trashcan isn't of use. All right?

Or you're there to plug in something into

the network to get direct network access.
Right? When we started the whole
penetration test, we said we're--
sometimes you'll be plugged in with your
tools; sometimes you're having to go
remote with direct exploits.

Here you'd probably be able to plug in a

laptop or take over somebody else's
laptop. Right? Because you have your
USB BackTrack live disk-dro; and you
can read it with the box.

Page 24 of 37
Exploiting On-Site Access -3

Exploiting On-Site Access -3

Before you go through it, check the door.
• Do not lock yourself in a room or elevator.
— Check both handles of the door to ensure you can exit.

— Like wise, elevators do not always stop on all floors, sometimes none
without a key.
• Try not to go through alarmed doors.
— It happens…

• Tailgating is more than just fun before a football game.

— Timing is sometimes everything.

— Carry something that looks to impede the use of your badge.

— Look for smoke pits/break areas (do not forget your props).

14

**014 All right.

All right, always check the door before

you let it close. You don't want to go
through a door that shuts behind you
locked and you find yourself in the
outside; and now you have to go back
through the front door. Just not saying it
happens; just it doesn't happen a lot.

Make sure that door isn't alarmed. I was

trying to get into the corporate security; it
was going to be funny to sit at their desk
before they came back. I needed to find
the stairwell; and I didn't know it was
alarmed until I opened it. And two ladies
turned the corner and were like, "What
are you doing?" I'm like, "I heard there

Page 25 of 37
was a problem with this alarm. Like, "It
wasn't a problem until you opened the
door." "Oh, thank you." Yes.

And tailgating; it's more than just fun at

football games-- besides watching the
refs. Yes.

Any questions on that?

Check the door before walk- you go
through it. You don't need to be locked in
a stairwell; or an elevator.

On-Site Access Tactics -1

On-Site Access Tactics -1

Find workstations that are out of the way
• Avoid the IT staff areas, if you can.
• Do not try this in the server room (unless given authorization).

Find open network ports in

• Conference rooms
• Infrastructure closets
• Abandoned offices
• Break rooms

15

**015 If you get in the elevator,

make sure you can open the door.
All right, another one: Find open
workstations. If you find an open
workstation what you should do-- what

Page 26 of 37
should you do? Right, it's open. It has
shares; it has connection to the internet.
Right? You want to take as much time as
you can to enumerate what access you
have. They probably open their email; so
you have access to their email. You have
access to their internet, their share point.

Now at this point you want to either install

a tool, a remote tool-- if that's part of your
assessment-- or just to see what you
could do on the network. Right? That's
where you have to use the homegrown
native tools to enumerate file shares,
enumerate what access you have.

Where can you find open network ports--

besides this classroom-- just laying
around? Right? Hopefully you can find
one in like a break area; and then you can
just sit there and peruse.

Abandoned offices are good; unless

somebody comes up and says, "Why are
you sitting here?" So what do you say if
somebody comes up to you: "Why are
you sitting here?"

Student: Do a "Boy."

Mike Warren: "Oh boy; I'm checking to

make sure this drop isn't hot." All right.
Always have a story wherever
you're at.

Page 27 of 37
On-Site Access Tactics -2

On-Site Access Tactics -2

Plant physical backdoors for continued access.
• Drop a rogue wireless access point.
• Install a “new” workstation, (which has your remote access tools on
it of course!)

http://www.renderlab.net/projects/sneaky/

16

**016 All right, or if you want to

physically plant a backdoor. This is off of
renderlab.net/projects/sneaky/. They took
a UPS, made a wireless access point of it
and wired access- network drop so they
could plug into the abandoned drop.
Chris had mentioned how he had made
one. Before I got into the organization
they used to drop these.

Yes. So if you-- I did one assessment.

We got in- we went into the-- 4:45 in the
afternoon we walked in, myself and
another colleague. We walked around
and found an audio/video room; and we
went in there and sat in there for an hour
and a half waiting for everybody to go
home.

Page 28 of 37
It was the headquarters audio/video
room. So we took a wireless access
point, put it above the projector, plugged it
in to a network cable. We would then sit
in the parking lot, in the snow, and
download all of our exfiltrated- or exfiltrate
all the data that we found the day before.

So it can be just a regular access point.

You can try to hide it. A couple of things
you can do. It's your imagination
that will limit you.

On-Site Access Tactics -3

On-Site Access Tactics -3

Cyber “backdoors”
• Always have a CD and/or USB drive with your tools on it.
• Open workstations are prime candidates for your tools.
• Social engineer your way onto someone’s Windows box and then
install your remote access tool(s).
Drop Disks/USB sticks
• Implement Autorun or Trojan files.
• It is all in the label
— “Bora-Bora Vacation Pics”

— “Revised Executive Pay-Scale Docs”

— “Company Proprietary”

Reduce your on-site trips – install

a backdoor!
17

**017 All right, so we've talked about

backdoors before. Always have your toolset on
you in case you do get access to a computer.
Drop disks and USB sticks; talked about
those with either Autorun or Trojanized

Page 29 of 37
files. Somebody actually opens it; it's
going to come back to you and let you
know that somebody opened it.

It doesn't always have to be for access.

In case you are there to test a employee's
response; you know, just seeing that they
open the file and it pinged back to you is
good enough. But if it is here- if it is the
point of your op to get into the network,
then make sure you have your toolkit that
can come out of the firewall.

Again, make sure you put good labels on

it; like Bora Bora Vacation pics or
Company Proprietary.

Page 30 of 37
On-Site Access Tactics -4

On-Site Access Tactics -4

Hunt for passwords
• It is human nature to be lazy,
so it is written down somewhere.

Always Check “P” for

Password!!!!

Sometimes Look Up!!!!

Sometimes Look Under!!!!

18

**018 Hunting for passwords. Where do

you all store your passwords? Anybody?
Who writes them down? No one writes
them down? Yes. Usually if you go in the
Rolodex under 'P' you'll find P,
passwords. Under keyboards is good.
File cabinets.

I heard a story about one person had a

colleague that every time he came in in
the morning, he would just sit there and
look up; and then he'd type a little and
he'd look up, and type a little bit and look
up. And they're like: What is going on?

So one day they just sat in their chair- his

chair and looked up; and in the ceiling tile
he had written his password. It was really

Page 31 of 37
small but just so he could see it. So.
People will do weird things. So look
around. Never give up; you'll find it
somewhere.

On-Site Access Tactics -5

On-Site Access Tactics -5

You have access to an open computer, now what do you do?
• If it is wireless, open the wireless configuration manager and
unmask the passphrase.
• Look for mounted file shares.

• Look in the User’s “My Documents” and/or “My Downloads”.

• Find a copy of the VPN client (you might need their password too).

• Add a user.

• Install a keylogger.

• Install your remote access toolset.

19

**019 Yes, so if you do have access.

What happens if you get into a laptop
and it has wireless and it's open; what
can you do? Right, just right-click the
interface; look at the- get the security key.
What does that give you now? Gives you
wireless access with your laptop-- right?--
or your device. So now you can go
maybe outside, if you can reach the
wireless from outside; go back in the
break room, sit down with wireless
access.

Page 32 of 37
Yes, so look for managed shares. Look in
My Documents and My Downloads.
Right? If you're getting stuff off a shared
point and documents are downloaded, a
plethora of interesting documents in there.

Get a copy of the VPN, if you can get

remote- remote access; especially if you
got the person's username and password.
But make sure they don't have to have to
multi-factor authentication.
Add a user. Install a keylogger.
If you have access, the world is yours.

On-Site Access Tactics -6

On-Site Access Tactics -6

Piecing it all together
• Does your target entity have a 100% shred policy?

• What type of shredder are they using?

— It they are using a strip-cut shredder, it might be time to show them why
it is insufficient in protecting their information.

— Prove a point, do not splice the entire shred pile back together.

20

**020 All right. Has anybody ever had

to try to tape together a shred? Yes, it's mind
numbing; especially if there's lots of it.
But I had to do it before. I think it was a

Page 33 of 37
new thing that Chris made people do.
And yes I think I still have paper cuts.

But if they don't have a proper shred, like

the confetti shred and they do the strip
shredding, it can be put together. If you
are doing a pen test for a corporate entity
or just an organization and you want to
prove why they need the confetti shred, it
is good to put together a document. You
just want to make sure you put together a
useful document that shows importance;
not somebody's grocery list. So. But you
won't know that 'til the end.
So good luck.

Page 34 of 37
Dangers of On-Site Access

Dangers of On-Site Access

Have a plan to de-escalate a situation.
• Always have a Get-out-of-jail-free Letter on you at all times.
• Know your trusted agents contact gouge, all of it.
— Nervous people make bad decisions.

Do not run from the people with guns!

• You are not there to test their accuracy!

Do what the dog handler says.

• Nor are you there to test the jaw strength of the K-9!

22

**022 All right, some dangers of onsite

access. It's again-- I'll foot-stomp this.
Make sure you have a de-escalation plan.
If their security measures do work-- which
they're supposed to-- you will get caught.

You need to make sure that you can de-

escalate that situation; tell them, "Hey--"
Take them in a room: "Here's my letter,
here's my point of contact. Call them."
You always want to try to take them off
where other people can't hear, so that you
can continue; you know, you give them a
"that-a-boy" and say, "Hey great job, you
got me." Talk with a PoC; make sure it's
still okay to proceed. That kind of rules of
engagement.

Page 35 of 37
Do not run from the guys with the guns.
You're not there to test their accuracy. If
they say "Stop"; "All right, you got me.
Good." Hopefully they don't have guns.
But don't run from them.

And even worse: Do whatever the dog

handler says. If he says, "Get off the
desk," get off the desk. Just do whatever
the dog handler says.

Summary

Summary
Gaining On-site Access
Exploiting On-site Access

23

**023 All right, it was kind of quick. But it

was gaining onsite access, exploiting onsite access.

What do we always have before we do this?

Student: Authorization.

Page 36 of 37
Mike Warren: Authorization. What else
do we have on us?

Student: Contact info.

Mike Warren: Proof of authorization-- right?-- a letter signed.

And who do we not run from?

Student: Men with guns.

Mike Warren: The dog.

Student: The dog.

Mike Warren: Never run from the dog.

Notices

Notices
© 2012 Carnegie Mellon University
This material is distributed by the Software Engineering Institute (SEI) only to course attendees for their
own individual study.
Except for the U.S. government purposes described below, this material SHALL NOT be reproduced or
used in any other manner without requesting formal permission from the Software Engineering Institute at
permission@sei.cmu.edu.

This material was created in the performance of Federal Government Contract Number FA8721-05-C-0003
with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded
research and development center. The U.S. government's rights to use, modify, reproduce, release,
perform, display, or disclose this material are restricted by the Rights in Technical Data-Noncommercial
Items clauses (DFAR 252-227.7013 and DFAR 252-227.7013 Alternate I) contained in the above identified
contract. Any reproduction of this material or portions thereof marked with this legend must also reproduce
the disclaimers contained on this slide.
Although the rights granted by contract do not require course attendance to use this material for U.S.
government purposes, the SEI recommends attendance to ensure proper understanding.
THE MATERIAL IS PROVIDED ON AN “AS IS” BASIS, AND CARNEGIE MELLON DISCLAIMS ANY AND
ALL WARRANTIES, IMPLIED OR OTHERWISE (INCLUDING, BUT NOT LIMITED TO, WARRANTY OF
FITNESS FOR A PARTICULAR PURPOSE, RESULTS OBTAINED FROM USE OF THE MATERIAL,
MERCHANTABILITY, AND/OR NON-INFRINGEMENT).
CERT ® is a registered mark owned by Carnegie Mellon University.

24

**024 Great, thanks.

Page 37 of 37